DIGITAL RIGHTS MANAGEMENT

CRYPTOGRAPHY ON TFT TECHNOLOGY

PABLO SANCHEZ PEDROSA

INDEX

I) Introduction

II) Development of TFT technology

III) Future applications

IV) A proposed model of processor

Bibliography

- Implementing cryptography on TFT technology for secure display applications. Oionomakos, Fournier, Moore. Cambridge University.

- Secure internet banking authentication. Hiltgen, Kramp, Weigold.

- www.wikipedia.org

- www.connotech.com (software acceleration)

- http://telefoniafacil.iespana.es/rsa_novatos.pdf (RSA for rookies)

- www.britannica.com

- US Department of Commerce. Data Encryption Standard.

I) Introduction

From the first moments of human communication, cryptography has been present as one of the most useful tools for protecting information. Its origins are in ancient Greece, and it is the science in charge of preventing an unauthorized person from reading a certain message. This is done by changing its shape, changing the order of the words or applying some code that makes it totally unreadable without the key to decrypt it.

Nowadays, it is widely used in computer science, banking, military operations and information management. In the digital era, our message is no longer made of letters, but of huge binary numbers. It would seem that an endless chain of 1s and 0s is impossible to decode, but the imagination and the economic interest of some people have made it necessary to invest large amounts of money to protect confidential and private data.

In this part of Digital Rights Management we focus on the possible application of cryptographical algorithms in the hardware inside the new TFT displays. Our goal is to provide a secure enough path between the sender and the receiver so that no attack can be possible.

When the words “secure enough path” are used, it is meant that the security is high enough to discourage all possible attacks. It is necessary that our information is not worth stealing compared with the amount of money, time and technology needed for doing that. There are no perfect algorithms, and most of them have been proved to be breakable or to have theoretical vulnerabilities, even though there still has not been any successful attack against them from unknown sources. Human beings are not perfect, and neither are their inventions. The creators of the newest and strongest cryptographic methods can only say that their systems have not been broken YET.

Assuming that our network (internet, wireless, radiofrequency) is “secure enough” and that information is sent encrypted, we would like it to be decrypted inside our display to make the man-in-the-middle attack very difficult. With the current technology, the chip that decrypts the information is separated from the pixel driver array of the screen, and it has been reported that some attacks on the electric signal carrying the decrypted information on its way to the array are possible.

The new TFT technology that has appeared recently offers the possibility of merging both devices to close the security chain and make a trusted application, with an additional saving of space. The sections ahead explain how this technology has developed and what its possible applications could be, and present a possible model of a decryption microprocessor and the way it works.

II) Development of TFT technology

The substitution of cathode ray tube televisions, which began in the middle of the nineties, has multiplied the multimedia possibilities of these devices and also created a new standard technology with which all kinds of displays can be made, from mobile phones to PDAs, watches and laptops.

The acronym TFT stands for Thin Film Transistor. Their novelty is basically the material they are made of, as they work just like normal field-effect transistors.

The old CMOS transistors (complementary metal-oxide-semiconductor) are present in every hardware part that can be imagined, due to their low power dissipation and their usefulness in circuits where high performance is required. They are almost totally made of rigid parts of silicon oxide and are opaque.

TFT transistors are made of plastic or glass, which makes them much cheaper than CMOS transistors, even though the substrate where they are placed still contains some silicon. Their electric performance is not yet as good as that of CMOS, but that will be solved in the coming years, and they can already be used for making displays. Another interesting characteristic is that they are transparent and flexible, which enables the building of new 3D architectures for microchips.

There are different kinds of TFT transistors, as they have been developed by different companies. The existing models are labelled according to their substrate, which can be made of hydrogenated amorphous silicon (a-Si:H), polycrystalline silicon (poly-Si) or continuous grain silicon (cg-silicon), which is regarded as the possible future standard, according to Sharp experiments. The carrier mobility of the cg-silicon TFT transistor is the highest among all the kinds, and really complicated circuits can be implemented on it.

The other change to be made to flat screens is to substitute LCD and plasma arrays (where the image is created) by OLED arrays. OLED means Organic Light Emitting Diode, and these devices have appeared recently. LCD and plasma displays work by modulating the light generated by a backlight source, which is excited by a voltage. Depending on that voltage, the light intensity will be different and different colours will be produced.

In laboratories, OLEDs demonstrate higher luminous efficiency, more brightness, lower production cost and lower voltage requirements, because they do not need a backlight source.

Another, more important characteristic is a larger viewing angle, the lack of which is one of the big disadvantages of LCD. There is not any TV with this technology yet, because the life expectancy of OLEDs is still relatively low for selling a high-quality display with guarantees.

The displays already made with OLEDs have a lifetime of 1000 hours, but new materials have been working 10000 hours without stopping, which suggests that in a couple of years some good models could start getting into the market. The OLED is formed by a multilayer structure, where the recombination of holes and carriers produces an excess of energy that is released as light.

The way OLEDs work requires a constant current through them, and this requires a large transistor driving circuit controlling all of them. The size of current displays makes it unwise to use CMOS transistors, because of the economic cost explained above, so it is necessary to implement the driving matrix in TFT technology.

III) Future applications

1) Electronic commerce in point-of-sale terminal

This possible application was proposed in 1995 and is basically meant to provide secure communication between the central server of a bank and the shop terminal. The customer would have to enter the transaction data in the terminal and authorize the operation. Then the data are sent to the main server of the bank, which sends a confirmation message to the shop terminal to verify that all data are correct.

Although our trusted display provides an additional level of security, it was soon noticed that this system was vulnerable to a man-in-the-middle attack. There are two possible solutions, both of which maintain the need for a trusted display.

The first solution is to use a smart card reader that communicates directly with the bank server through a private encrypted path before doing the transaction. The customer has to accept the transaction on both the shop terminal and the smart card reader. As the information is sent twice, the possibilities of an attack are decreased.

The second solution is the most secure of all. It is based on a remote customer terminal, such as a PDA or a mobile phone. The amount of money is entered in the shop terminal and sent to the bank server. The customer reviews the data and sends an identifier to the bank and the shop approving the full operation. The bank then sends all the details again to the user's remote terminal, where they wait to be confirmed again on the remote terminal display.

Payment is done after this last confirmation. This method is much better because it uses two independent networks, needs an approval from the customer and also uses two trusted displays. For that reason it is the method that was chosen for a patent in the United States.
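The second solution, sketched as an added example that is not part of the original essay: the bank pushes the details it received from the shop terminal to the customer's remote terminal over a second network, and pays only when the confirmation is bound to exactly those details. The HMAC-based confirmation, the pre-shared device key and all class and function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

def tag(key, txn):
    """MAC over the exact details shown on the trusted remote display."""
    msg = f"{txn['id']}|{txn['shop']}|{txn['amount_cents']}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Bank:
    def __init__(self, device_key):
        self.device_key = device_key   # assumed to be provisioned to the customer's device
        self.pending = {}

    def request_from_shop(self, shop, amount_cents):
        """Network 1: the shop terminal submits the amount to the bank."""
        txn = {"id": secrets.token_hex(8), "shop": shop, "amount_cents": amount_cents}
        self.pending[txn["id"]] = txn
        return dict(txn)               # network 2: details pushed to the remote terminal

    def confirm(self, txn_id, confirmation):
        """Pay only if the confirmation covers what the bank itself recorded."""
        txn = self.pending.pop(txn_id, None)
        if txn is None or confirmation is None:
            return "rejected"
        expected = tag(self.device_key, txn)
        return "paid" if hmac.compare_digest(confirmation, expected) else "rejected"

class RemoteTerminal:
    def __init__(self, device_key):
        self.device_key = device_key

    def review(self, shown, agreed_shop, agreed_cents):
        """The customer compares the displayed details with what was agreed in the shop."""
        if (shown["shop"], shown["amount_cents"]) != (agreed_shop, agreed_cents):
            return None                # customer declines, nothing is signed
        return tag(self.device_key, shown)

def scenarios():
    """Run three constructed cases and return the bank's decision for each."""
    key = secrets.token_bytes(32)
    bank, phone = Bank(key), RemoteTerminal(key)
    results = {}

    # 1. Honest shop terminal: the displayed amount matches the agreed amount.
    shown = bank.request_from_shop("shop-17", 2500)
    old_confirmation = phone.review(shown, "shop-17", 2500)
    results["honest"] = bank.confirm(shown["id"], old_confirmation)

    # 2. Amount altered before reaching the bank: the remote display shows
    #    the altered value, so the customer never confirms it.
    shown = bank.request_from_shop("shop-17", 250000)
    results["tampered"] = bank.confirm(shown["id"], phone.review(shown, "shop-17", 2500))

    # 3. An earlier confirmation presented for a new transaction: the MAC covers
    #    the old transaction id and amount, so it does not verify.
    shown = bank.request_from_shop("shop-17", 250000)
    results["replayed"] = bank.confirm(shown["id"], old_confirmation)
    return results

if __name__ == "__main__":
    print(scenarios())
```
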

2) eBanking at home

This application was first suggested in 1998 by the FINREAD consortium. The acronym stands for Financial Transactional IC card reader, and the consortium is formed by companies that distribute credit cards, such as VISA, American Express and MasterCard among others. The objective is to reinforce the security of smart cards by developing a card reader device connectable to a PC. The consortium also stresses the importance of having a secure display at home to ensure that the data presented to the user are correct.

Basically, all the communication is between the bank and the card through secure interfaces, and the computer plays no role in manipulating the information. Knowing the card number and the PIN is not enough to access the private account details, as the bank only exchanges encrypted information with the card. In order to access the account, the attacker would need the card, the user authentication password and also the reader the user has at home. This makes it necessary to get into the user’s home to obtain all of them.

The system works as follows. First, the user begins a session with his web browser and establishes an SSL/TLS channel between the user's PC and the bank’s web server by setting up an SSL/TLS session without client authentication. Then the bank server checks whether there is an authorised reader with a valid smart card in it.

After that, the user needs to give the PIN of the card and also a digital signature key. If both are valid, the system requires two private keys, from the card and the reader, to begin an authenticated Java applet. It then establishes an encrypted and mutually authenticated SSL/TLS session, over which all communication traffic will be sent, by signing the validated PIN and digital signature. Before beginning a session in the web browser, the user is again asked for an application key: a random challenge is sent that the user must be able to answer with the documents previously received from the bank.

The reader then signs the card key and the user’s application key and sends them to the bank server, which is now sure that the transaction request comes from the owner of the card and the reader. This system might be slow, but this way one can be sure that one's money is safe.

3) Secure terminals for eVoting

In the future, a paperless voting system will be necessary, one that makes the whole election process faster and gets rid of election rigging, which happens in many countries nowadays. This application has been taken into account only recently, and there still isn’t any system capable of performing this function. The idea is similar to the eCommerce one suggested above, and here too a trusted display is extremely necessary to have the maximum security in such an important event.

The voters must be sure that nobody sees the information they are sending and also that it is correct. They should identify themselves with their own digital signature and their ID in the terminal before voting. The government server would send the information back to the display so that the user can verify it after sending the vote.

Again, adding a remote terminal to the process, in order to use two independent networks, would make the whole system safer. After identifying himself, the voter sends a request to the central server, asking for permission to vote. The server sends the information received to the display and the terminal, and then the user only has to confirm again on his remote terminal to send his vote.

4) Multimedia broadcasting for mobile phones

As in the eBanking application, there is a group of telecommunication enterprises that are investing money to distribute data safely on mobile terminals. This association is known as OMA (Open Mobile Alliance). Their goal is to be able to transmit multimedia content that can only be seen by the user of a certain device. One way to achieve this is to send the information encrypted in a way that can only be decrypted in the display, making it impossible to pass it on to another user without paying.

This can be done by attaching to the sent files a private key, which is different for every mobile and for every user. This way, if a user sends the file to someone else, the information received would not make any sense. Here, a violation of the keys is very difficult and would require access to the display circuits, where the decryption circuits are embedded, in order to get the user's key. The risk of destroying the terminal is very high, and getting the private key would require a high technological effort.

Nobody has yet begun to develop these devices, but the possibilities are very interesting for the broadcasting of music, images and videos to a private group of customers at lower prices than in shops.

*

From this point on, all the applications explained have no bibliography because they are only my personal suggestions. I must say I find them very interesting and with many possibilities for the next years.

5) TV programmes broadcasting

With the beginning of the distribution of new TFT screens replacing the old CRT televisions, the possibilities of new multimedia broadcasting make it very interesting to see how the schemes of Digital Rights Management can be applied. As in the example above for mobiles, I think that a multinational could decide to offer the owners of its devices some private programmes that only they would be able to see.

Implementing cryptographic circuits inside the screen makes it possible to send the information encrypted, so that there is no need for a decoder attached outside the TV as has been done until now. The Germany World Cup case points out that this is not science fiction. Sony has bought the rights to broadcast all the matches in its own TV format, so anyone who does not have a Sony TV will have to change the image aspect ratio of their television if they want to see them properly. Of course, if someone has an old TV, the images received will not have the shape they should.

The next step could be a private Sony TV channel, where you only have to buy its TV in order to be able to decrypt all the programmes. If that had been done with the matches of the World Cup, it would have been very controversial.

Another possibility could be an association between video game dealers and a TV company. There could be some special games, or special editions of them, that could only be seen on a specific TV. Nowadays, some video game companies recommend using their products only on certain devices, and I think this could be the next thing to happen.

6) Telemedicine applications

All the information about this field comes from Spain, but I think that in all European countries there must be similar projects. The situation is that a high percentage of the population lives in small villages spread over rocky areas where communications are not very good, and in addition the average age is very high. Every time there is a medical emergency, or some special diagnosis or procedure must be done, an ambulance must go to the place where the patient lives and take them to the central hospital of the province.

The solution to that came with broadband internet connections. In all the villages there is a medical centre equipped with a high-speed connection, where people go whenever they need to. There, the nurse or the local doctor sends the information via the internet to the main hospital, where another team of doctors receives the data and sends back the treatment the patient needs or the diagnosis for a radiograph.

The point is that medical information is private and some security applications are needed. Having trusted displays would make the transmission of all those data safer and would prevent somebody from getting the information of a patient. The security procedure could be similar to any of the examples already shown, with a remote device to confirm twice that the path between hospitals is secure, and all patients could have their own smart card for medical issues.

Having control of medical information is very powerful. Everybody can remember how, in recent years, the CELERA company announced that they had the information of human DNA, opening the possibility of creating biochips with which everybody could see their risk of suffering from some diseases in the future. An insurance company would be very interested in having that information, as was suggested. Just as car insurers do not accept young drivers or people who have had accidents before, someone could find that he is not allowed to be insured because of the risk of losing money that the company could face in the future.

7) GPS or Galileo systems

These two positioning systems have proved to be very useful in today’s driving, and maybe in two years all new vehicles will carry one of them. Their huge satellite network can search for and find an item with less than 1 meter of deviation.

The information about the position of a car is also private, and nobody would like unknown people to know exactly where they are. Some criminal gang could be interested in knowing whether the people from a group of houses are not at home, in order to sneak into their houses and steal everything. Regarding private life, it is natural that sometimes we want nobody to know where we are at the moment. Having that information could be very helpful to the paparazzi in finding exactly where to look for the famous people they want to know about.

The position of military units is also extremely confidential, and some governments would pay a lot of money for a dynamic map where they could easily see what the enemy is doing at that moment.

That is why I suggest installing trusted devices in the GPS system to add an additional security level and prevent possible attacks from a criminal group. If all the information about the positioning is decrypted in the display, it would be very difficult to hack the terminal even if someone gets into the vehicle, which is very risky.

8) Videoconference meetings

For all international companies, having a secure path of communications between all their buildings across the world would enhance the videoconference service, thus saving money on trips and arrangements. Industrial information and company strategy are confidential, and history shows the significance of developing a technology before others, even when it means stealing the information from the rivals who are ahead of us.

Apart from the security, some money would be saved in the purchase of the equipment, because all the processing of the information would be done in the screens, and only a webcam in every office and a few displays would make the system work perfectly, avoiding the need to buy a computer for each of the participants in the meeting.

IV) A proposed model of processor

In this section, the main characteristics of a cryptographic microchip based on TFT technology will be presented. This model is still being developed and can be the prototype for the next generation of microprocessors to be installed in displays to make possible all the applications suggested above. It has only been built in theory, and at the moment there is no news about the fabrication process.

As can be seen in the diagram below, its architecture is very simple. The keys and the information, both of them encrypted, enter the display through the input buffer and then go to the input controller. This controller is a state machine of digital circuits that redirects the bit stream to different units, depending on its nature. Information goes to the DES coprocessor in packets of 64 bits, and the encrypted keys go to the VeMiCry unit.

The latter is where the encrypted DES keys are sent, while the data are stored in the DES coprocessor. The encryption system used for the keys is the asymmetric, public-key RSA algorithm. When the keys have been decrypted, they are sent to the coprocessor, where the decryption process is performed. The readable information is then stored in a frame buffer and presented on the display.

As this technology is really new, these kinds of chips cannot work at frequencies above a few MHz. However, the information rate needed in a display does not require much faster speeds, and as the technology advances, more powerful processors will appear that will achieve a high-resolution image with a quality similar to normal screens.

It is also worth mentioning that the RSA and DES algorithms are not the most secure among all the known ones, but right now they are easier to implement in TFT technology to get a functional prototype, even though they will be substituted by others when real applications start to get into the market. AES or triple DES will be chosen to replace DES, and Elliptic Curve Cryptography to replace RSA.

IV.1) The DES coprocessor

This is a pure hardware module composed of three different blocks: the key schedule, the round block and a controller. This is where the symmetric, private-key DES algorithm is performed. The decrypted keys that come from the VeMiCry unit are stored in the key schedule, and a packet of 64 bits of information in the round block. The controller is in charge of synchronizing the process and driving the information flow.

As soon as valid data are fed into both modules of the coprocessor, two flags are raised in the controller. Then the controller orders the key schedule to generate a subkey, starting to apply the DES algorithm. The controller receives the information that the subkey has been obtained and sends a signal to the round block to accept the incoming subkey. Once it has accepted it, the round block generates the partial results and also informs the controller about it.

This process is repeated 15 more times to complete the routine of the DES algorithm.

After obtaining the first decrypted 64 bits, the round block informs the controller, puts the information in the output buffer and waits for more data and subkeys.

This part of the model has only been simulated and has obtained an optimal performance, which now allows its fabrication process. It is also the application in the most advanced state and will possibly be the one to appear in the world at the end of 2006. It will be done completely in TFT technology and is ready to be used in all the cryptographic environments desired.

As mentioned in the last section, the DES algorithm has been chosen for being the simplest to implement in this new technology and also for being known in the whole world. It has had a huge historical importance in computer security in the last thirty years, since it was developed by IBM at the end of the seventies.

However, it must be said that it is not the most secure algorithm that we know, and it has already been broken in experiments and maybe in a strongly organized attack, as its 56-bit key is now considered small, due to the power of new computers. In 2001, after a contest organized by the American government, the AES or Rijndael algorithm was chosen to be used in all North American security applications. Its key can be up to 256 bits long, and no successful attack against it has yet been reported.

It is based on permutations and non linear substitutions in a bit matrix, according to a specific key.

IV.2) VeMiCry unit

This section explains how the module that decrypts the keys sent to the coprocessor works. VeMiCry stands for Vectorial MIPS for Cryptography. MIPS means Millions of Instructions Per Second and it is a common measure to compare the power of different processors with the same architecture and instruction set.

The main units of this part of our processor are a chip performing normal scalar instructions and another one which works with vectorial instructions. The instructions and the encrypted keys are stored in the program memory, and as the program advances they are sent to a decoder, which redirects them to the specific processor that will work with them, depending on their nature. The registers of this unit have a 32-bit length, but the model will be developed with lengths up to 256 bits.

The encryption method used to do this is the asymmetric, public-key RSA algorithm, whose abbreviation simply comes from the surnames of its creators. It was chosen for the same reason as DES, explained in the last part: it is well known by all scientists, and its implementation on TFT technology is more straightforward at the moment. The next step will be trying to make a circuit that performs ECC (Elliptic Curve Cryptography) or also AES (Advanced Encryption Standard), maintaining the vectorial coprocessor in it.

The reason for making a vectorial processor is that these kinds of algorithms operate on very long datapaths and require extreme accuracy, as we are working with huge numbers. Working with vectors in parallel reduces the amount of time needed to perform all the arithmetical operations and also decreases the power dissipation of the whole device. If our pipeline has a size of n steps and our vector occupies r registers, a scalar processor would need n times r clock cycles to process all the data, while a vector processor needs only n+r. It must be said that the VeMiCry has a scalar and a vectorial pipeline that communicate with each other.

Another important characteristic to be mentioned is that numbers are transformed into Montgomery bases, so that instead of making one modular reduction to make a division, two Montgomery multiplications are needed, saving this way some clock cycles that will allow the full microchip to go faster.

The VeMiCry unit has a set of 17 vectorial instructions, some of which are really useful for public-key cryptography. These are Vector-scalar Arithmetic multiplication, where a vector is multiplied by a scalar with carry propagation, and Vector-scalar Polynomial multiplication, whose difference is that in this case no carry is propagated.

They are very important for performing the Montgomery multiplication, based on the Montgomery reduction algorithm.
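As an added illustration (not code from the VeMiCry project), the sketch below builds Montgomery multiplication out of a vector-scalar multiplication with carry propagation over 32-bit registers, then uses it for the RSA exponentiation that unwraps a 64-bit DES key. The function names, the little-endian limb layout, the word-serial (CIOS-style) scheduling and the small constructed RSA key are assumptions made for the example.

```python
W = 32                      # register width in bits, as in the text
MASK = (1 << W) - 1

def to_limbs(x, r):
    """Split x into a vector of r little-endian 32-bit registers."""
    return [(x >> (W * i)) & MASK for i in range(r)]

def from_limbs(v):
    return sum(limb << (W * i) for i, limb in enumerate(v))

def vs_mul_acc(acc, vec, scalar):
    """acc += vec * scalar, register by register, propagating the carry.
    Models the vector-scalar arithmetic multiplication; acc has len(vec) + 2 limbs."""
    carry = 0
    for i, limb in enumerate(vec):
        t = acc[i] + limb * scalar + carry
        acc[i] = t & MASK
        carry = t >> W
    t = acc[len(vec)] + carry
    acc[len(vec)] = t & MASK
    acc[len(vec) + 1] += t >> W

def mont_mul(a, b, n, r):
    """Return a*b*R^-1 mod n with R = 2^(32*r); requires a, b < n < R and n odd."""
    a_v, b_v, n_v = to_limbs(a, r), to_limbs(b, r), to_limbs(n, r)
    n0_inv = (-pow(n, -1, 1 << W)) & MASK    # -n^-1 mod 2^32, fixed per modulus
    acc = [0] * (r + 2)
    for b_i in b_v:
        vs_mul_acc(acc, a_v, b_i)            # acc += a * b_i
        m = (acc[0] * n0_inv) & MASK         # makes the lowest register cancel
        vs_mul_acc(acc, n_v, m)              # acc += n * m, so acc[0] == 0
        acc = acc[1:] + [0]                  # exact division by 2^32: drop one register
    result = from_limbs(acc)                 # invariant: result < 2n
    return result - n if result >= n else result

def mont_pow(base, exp, n, r):
    """base^exp mod n using only Montgomery multiplications.
    Plain square-and-multiply: shows the arithmetic, not a constant-time design."""
    R = 1 << (W * r)
    x = mont_mul(base % n, (R * R) % n, n, r)   # convert to Montgomery form: base*R mod n
    acc = R % n                                  # 1 in Montgomery form
    for bit in bin(exp)[2:]:
        acc = mont_mul(acc, acc, n, r)
        if bit == "1":
            acc = mont_mul(acc, x, n, r)
    return mont_mul(acc, 1, n, r)                # convert back out of Montgomery form

# Constructed toy RSA key (far too small for real use): two known Mersenne primes.
P, Q = 2**61 - 1, 2**31 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
R_LIMBS = 3                                      # N < 2^96 fits three 32-bit registers

def unwrap_demo():
    des_key = 0x0123456789ABCDEF                 # constructed 64-bit key block
    wrapped = pow(des_key, E, N)                 # sender side, textbook RSA without padding
    return mont_pow(wrapped, D, N, R_LIMBS)      # receiver side, Montgomery arithmetic

if __name__ == "__main__":
    print(hex(unwrap_demo()))
```
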

Pablo Sanchez Pedrosa 24-IV-2006
